<html>
<head>
<title>Privr - Private Messaging for Everyone</title>
<link href="login.css" rel="stylesheet" type="text/css">
</head>
<body>
<div id=container name=container>
<table cellspacing=25 cellpadding=25>
<tr><td valign="top">
<h2>Registration</h2>
<p>Here you register. Remember, we never hold your private key. Enter your desired username and password, and copy in your public key.
This public key is available to members of your group that want to encrypt messages to you.  Remember, only you can decrypt the message since you hold
your own private key.</p>
<p>Enter your data (use a password you don't use anywhere else!) and click register.</p>
<p>After you register, you'll be able to create a group or be invited to a new group.</p><br>

<p>For a RSA key pair + modulus generator: <a href="http://www.ohdave.com/rsa/">Click Here</a></p>
<p>Generate a 1024 bit key and save the results to a text file.</p>
<p>The first value in the javascript section is your public key, the second your private key and the third is your modulus.</p>
<a href="index.php">Return to main page</a>
</td>
<td valign="top">
	<table border="0" bgcolor="#eeeeee" cellspacing="5" cellpadding="5" width="300">
	<tr><td>
	<form action="register.php" name="register" id="register">
		<table>
			<tr>
				<td>
					<p>User name:</p>
				</td>
				<td>
					<input type="text" id="userName" name="userName">
				</td>
			</tr>
			<tr>
				<td>
					<p>Password:</p>
				</td>

				<td>
					<input type="text" id="password" name="password">
				</td>
			</tr>
			<tr>
				<td>
					<p>Public Key:</p>
				</td>

				<td>
					<input type="text" id="publicKey" name="publicKey">
				</td>
			</tr>
			<tr>
				<td>
					<p>Key Modulus:</p>
				</td>

				<td>
					<input type="text" id="modulus" name="modulus">
				</td>
			</tr>

		</table><br>
		<center><input type="submit" value="Register"></center>
	</form>
	</td></tr>
	</table>
<br><br>
<?php
require_once("php/database.include.php");
$message = $_GET['message'];

if (!empty($message)) {
	echo $message . '<br/>';
}


$user = $_GET['userName'];
$pass = $_GET['password'];
$key = $_GET['publicKey'];
$modulus = $_GET['modulus'];


echo 'user:' . $user . '<br/>';
echo 'pass:' . $pass . '<br/>';
echo 'key:' . $key . '<br/>';
echo 'modulus:' . $modulus . '<br/>';

//first time through don't attempt validation
if (empty($user) && empty($pass) && empty($key)&& empty($modulus) ) {
	echo 'no data';
	exit;
}

$inputErrors = validateRegistrationInput($user, $pass, $key, $modulus);
if (strcmp('', $inputErrors) == 0 ) {
	register ($conn, $user, $pass, $key, $modulus);
}
else {
	header("Location: http://city-score.com/privr/register.php?message=Registration%20failed.%20" . $inputErrors);
}

function validateRegistrationInput($user, $pass, $key, $modulus) {
	$retVal = '';
	if (empty($user)) {
		$retVal .= 'Username cannot be empty .';
	}
	if (empty($pass)) {
		$retVal .= 'Password cannot be empty .';
	}
	if (empty($key)) {
		$retVal .= 'Public key cannot be empty .';
	}
	if (empty($modulus)) {
		$retVal .= 'modulus cannot be empty .';
	}

	//TODO: validation on key size?
}


/**
* Registers a new user for the site. If unable to register the user or if the username already
* exists, the user is given an error message and may attempt to register again.
* 
* @param userName String the user's login name (unencrypted)
* @param password String the user's password (unencrypted)
* @param publicKey String the user's 1024 bit public RSA key (unencrypted). 
* @returns on failure, redirects to register page with a failure message in the query string,
*          on success, redirects to login page 
*          (success autologin is not possible since login requires the private key)
*/
function register( $conn, $userName, $password, $publicKey, $modulus ) {
	$conn->beginTransaction();
	try {
		//TODO: validations which throw exceptions on failure
		
		$stmt = $conn->prepare('INSERT INTO user(name, password, public_key, modulus) VALUES(?, ?, ?, ?)');
		$retVal = $stmt->execute( array( $userName, $password, $publicKey, $modulus ) );
		$conn->commit();
		header("Location: http://privr.city-score.com/main.php?message=Registration%20success."); //TODO: https //TODO: TOR
		exit;
	}	
	catch(PDOException $e)
	{
		$conn->rollBack();
		print $e->getMessage();
		//header("Location: http://city-score.com/privr/register.php?message=Registration%20failed.%20Please%20try%20a%20different%20username.");
		exit;

	}
	catch(Exception $e) 
	{
		$conn->rollBack();
		print $e->getMessage();
		header("Location: http://city-score.com/privr/register.php?message=Registration%20failed.%20Unexpected%20Error.");
		exit;
	}
}
?>
</td>
</tr>
</table>
</div>
</body>
</html>